package com.awanp3.nimbus.system.strategy.impl;

import cn.dev33.satoken.stp.StpUtil;
import cn.dev33.satoken.stp.parameter.SaLoginParameter;
import cn.hutool.json.JSONUtil;
import com.awanp3.nimbus.common.core.constant.HeaderConstants;
import com.awanp3.nimbus.system.domain.vo.LoginVo;
import com.awanp3.nimbus.system.domain.vo.SysClientVo;
import com.awanp3.nimbus.system.domain.vo.SysUserVo;
import com.awanp3.nimbus.system.form.HWorkLoginBody;
import com.awanp3.nimbus.system.service.ISysUserService;
import com.awanp3.nimbus.system.strategy.IAuthStrategy;
import com.awanp3.nimbus.system.strategy.SysLoginService;
import com.awanp3.nimbus.common.core.constant.Constants;
import com.awanp3.nimbus.common.core.utils.ValidatorUtils;
import com.awanp3.nimbus.common.satoken.utils.LoginHelper;
import com.awanp3.nimbus.common.tenant.helper.TenantHelper;
import com.awanp3.nimbus.system.api.model.LoginUser;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;

/**
 * 使用H-Work Token完成登录
 *
 * @author 20014170
 */
@Slf4j
@Service("hWork" + IAuthStrategy.BASE_NAME)
@RequiredArgsConstructor
public class HWorkAuthStrategy implements IAuthStrategy {

    private final SysLoginService loginService;

    private final ISysUserService sysUserService;

    @Override
    public LoginVo login(String body) {
        HWorkLoginBody loginBody = JSONUtil.toBean(body, HWorkLoginBody.class);
        ValidatorUtils.validate(loginBody);
        String tenantId = loginBody.getTenantId();
        String username = loginBody.getUsername();
        String hWorkToken = loginBody.getToken();

        SysClientVo client = loginService.checkClient(loginBody.getClientId(), loginBody.getGrantType());

        if (TenantHelper.isEnable()){
            loginService.checkTenant(tenantId);
        }

        LoginUser loginUser = TenantHelper.dynamic(tenantId, () -> {
            SysUserVo sysUserVo = sysUserService.selectUserByUserName(username);
            LoginUser user = loginService.buildLoginUser(sysUserVo);
            //尝试解析过的token才会调用该登录策略，无需校验，登录必须成功 TODO 解析成功后存redis，在此处校验
            return user;
        });
        loginUser.setClientKey(client.getClientKey());
        loginUser.setDeviceType(client.getDeviceType());

        SaLoginParameter model = new SaLoginParameter();
        model.setToken(hWorkToken.replace(Constants.JWT_PREFIX, ""));
        model.setDeviceType(client.getDeviceType());
        // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置
        // 例如: 后台用户30分钟过期 app用户1天过期
        model.setTimeout(client.getTimeout());
        model.setActiveTimeout(client.getActiveTimeout());
        model.setExtra(HeaderConstants.CLIENT_KEY, client.getClientId());
        model.setExtra(LoginHelper.GRANT_TYPE_KEY, client.getGrantType());
        // 生成token
        LoginHelper.login(loginUser, model);

        LoginVo loginVo = new LoginVo();
        loginVo.setAccessToken(StpUtil.getTokenValue());
        loginVo.setExpireIn(StpUtil.getTokenTimeout());
        loginVo.setClientId(client.getClientId());
        return loginVo;
    }

}
